Situation
VMware has found a vulnerability in its Directory Service (VMDIR) where an attacker could exploit this vulnerability and take control of an affected system. VMware has listed this as article VMSA-2020-0006 and has been listed it as CVE-2020-3952. This vulnerability impacts VMware vCenter Server platforms.
Problem
VMware has found that under certain conditions VMDIR that ships with VMware vCenter Server does not correctly implement access controls.
Implication
This vulnerability could allow an attacker that has network access to the VMDIR deployment to potentially access confidential information that could lead to compromise of the vCenter Server or services dependent on VMDIR for authentication.
Need
To Remediate this vulnerability, CVE-2020-3952, apply the updates listed in the fixed version column of the response matrix. You can learn more by clicking the links below.
Learn More
https://www.vmware.com/security/advisories/VMSA-2020-0006.html
https://kb.vmware.com/s/article/78543